Privacy Policy

Last updated: January 2025

At KUNDA HOUSE LIMITED trading as ByVeya, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or engage with us for creative design and development projects.

Information We Collect

Personal Information You Provide

We collect information you voluntarily provide to us, including:

  • Name, email address, phone number, and company information
  • Project requirements, preferences, and specifications
  • Content, images, and materials you provide for projects
  • Communication history and feedback
  • Payment and billing information (processed securely through third-party providers)
Automatically Collected Information
  • Website usage data, including pages visited and time spent
  • Device information (browser type, operating system, IP address)
  • Cookies and similar tracking technologies
  • Analytics data to improve our website and services

Formation Engine Websites and Advertising

For certain website plans generated by our Formation Engine, we may display third-party advertising (for example, Google or Meta adverts) on sites that we host and manage. Where this is the case, we only use the minimum information necessary to serve, measure, and safeguard those adverts, and we do not sell your visitors' personal data to advertisers.

These advertising technologies may rely on cookies, pixels, or similar identifiers. Visitors can manage their preferences via the cookie banner and browser controls, and ad-free plans are available where you prefer a website without any third-party advertising.

How We Use Your Information

We use your information to:

  • Provide and deliver our design and development services
  • Communicate with you about projects, updates, and support
  • Process payments and manage billing
  • Improve our website, services, and user experience
  • Send newsletters and marketing communications (with your consent)
  • Comply with legal obligations and protect our rights
  • Analyse usage patterns to enhance our offerings

Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: With trusted third-party providers who assist in delivering our services (hosting, payment processing, analytics)
  • Legal Requirements: When required by law, court order, or to protect our rights and safety
  • Business Transfers: In connection with mergers, acquisitions, or asset sales
  • With Your Consent: When you explicitly authorise us to share specific information

Data Security

We implement appropriate technical and organisational security measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of sensitive data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication procedures
  • Secure backup and recovery systems

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience, analyse website traffic, and understand user preferences. You can control cookie settings through your browser preferences.

Third-Party Services

Our website and services may integrate with third-party platforms, including:

  • Payment processors for secure transaction handling
  • Analytics services (such as Google Analytics) for website improvement
  • Email marketing platforms for newsletters and communications
  • Cloud storage services for project file management

These third parties have their own privacy policies, and we encourage you to review them.

Your Rights and Choices

You have the right to:

  • Access, update, or delete your personal information
  • Opt out of marketing communications
  • Request data portability or restriction of processing
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with relevant data protection authorities

Data Retention

We retain your personal information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. Project-related data is typically retained for the duration of the project and a reasonable period thereafter for support and warranty purposes.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with applicable privacy laws.

Google API Services User Data Policy

ByVeya uses Google OAuth APIs to provide integrated services such as email synchronization, calendar management, and advertising analytics. ByVeya's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Data Accessed

Depending on the features you choose to enable, our application may access your Google profile (Name, Email Address, Profile Picture), Gmail (to read, send, and organise emails), Google Calendar (to read and manage events), YouTube (to upload videos and read analytics), Google Ads (to manage campaigns), Google Search Console and Analytics (for reading SEO metrics), Google Business Profile (to manage reviews), and Google Contacts (for lead syncing).

Data Usage

We use your Google user data strictly to provide the features of the ByVeya platform. For example, your Gmail access is used to allow you to read and reply to client emails directly from your ByVeya dashboard. Your Calendar data is used to schedule meetings and check your availability. Your Ads and YouTube data are used to provide analytics and automation capabilities. We do not use your Google data for any other purpose, and we never use your Google data for serving third-party advertisements or training generalized AI models.

Data Sharing

We do not share your Google user data with any third parties, except as explicitly required to provide the core services you requested (such as hosting infrastructure) or when compelled by law. Your data remains strictly within your authorised workspace on our platform.

Data Storage & Protection

We store your OAuth access and refresh tokens securely in our encrypted database using industry-standard AES-256 encryption. We employ strict access controls, transport-level security (HTTPS/TLS) for data in transit, and Row Level Security (RLS) policies within our database to ensure that only you can access your connected Google data.

Data Retention & Deletion

We retain your Google data only for as long as your account is active and you maintain the integration. You can disconnect your Google account at any time within your portal settings. Upon disconnection, we immediately revoke access and delete all associated tokens and synced cache data from our systems. You may also request complete data deletion by contacting us at hello@byveya.com, and we will securely erase your information within 30 days.

Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated policy on our website and updating the "Last updated" date.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

  • Email: hello@byveya.com
  • Address: Office 6288 58 Peregrine Road, Ilford, England, IG6 3SZ
  • Company Number: 15702190
  • Website: Contact Form
Privacy Policy | ByVeya | ByVeya Labs